Devices and systems for detecting unauthorized communication of data from a magnetic stripe device or embedded smart chip device

ABSTRACT

Disclosed are devices, systems and the like for determining unauthorized communication of data from a card device equipped with a magnetic stripe and/or smart chip. The card device is able to count by recording the number of instances in which the card device has either been swiped at a magnetic card reader or communicated data via an embedded Integrated Circuit (IC). In specific embodiments, the device is further configured to differentiate between authorized swipes/data communications and unauthorized data communications.

FIELD OF THE INVENTION

The present invention relates to data communication and, morespecifically, counting and recording at a card device each instance inwhich the magnetic stripe of such a device is swiped or the dataassociated with an embedded integrated circuit in the device is readand, in specific embodiments, differentiating between authorizedswipes/readings and unauthorized swipes/readings.

BACKGROUND

Card devices, otherwise referred to herein as card-like devices, storeinformation via (i) a magnetic stripe located on a facing of the carddevice and/or (ii) memory associated with an embedded integrated circuit(i.e., a so-called smart card device). The information stored on suchcard devices is typically information that is deemed to be confidentialinformation, such as user information, account information or the like.

Wrong-doers can readily capture the information stored on card devicesby employing card skimming devices, which are unauthorized devices thatmerely capture the data and do not further transmit the data for anauthorized purpose. Once the information has been captured, thewrong-doers may seek to create unauthorized duplicate card devices orthe like. The possibility of having a card read by a card skimmingdevice, increases when a user of the card device is no longer inpossession of the card device (e.g., when a user provides the carddevice to a waiter at a restaurant for making payment and the waiterconducts the payment transaction out-of-sight of the user). In suchinstances, a wrong-doer in possession of the card device absent theuser, may have the card device read via a valid authorized card reader(i.e., a point-of-sale terminal authorized to conduct paymenttransactions) and additionally may subject the card to one or moreunauthorized card skimming devices. Once the card is returned to theuser, the user has no way of determining that the card device has beensubjected to the unauthorized card skimming devices.

Therefore, a need exists to allow for a user to determine unauthorizedreading of data from a card device. In this regard, the desired devices,systems and the like should allow for the user to not only be aware ofthe number of times that a card device has been read (i.e., swiping ofthe magnetic stripe or communicating data from a smart chip card device)but also whether the readings are authorized or unauthorized readings.In addition, the desired invention should provide for numerous ways bywhich the user can be notified and/or made aware of the number ofinstances in which the card has been swiped at a magnetic stripe readeror communicated data via the smart chip (embedded integrated circuit(IC)) and, in specific embodiments, means by which the card may bedeactivated in response to determining a prescribed number of instancesof swiping the card device at a magnetic stripe reader or communicateddata via the embedded IC of a smart card device.

SUMMARY

The following presents a simplified summary of one or more embodimentsin order to provide a basic understanding of such embodiments. Thissummary is not an extensive overview of all contemplated embodiments,and is intended to neither identify key or critical elements of allembodiments, nor delineate the scope of any or all embodiments. Its solepurpose is to present some concepts of one or more embodiments in asimplified form as a prelude to the more detailed description that ispresented later.

Embodiments of the present invention address the above needs and/orachieve other advantages by providing devices, systems and computerprogram products for determining unauthorized communication of data froma card device. In this regard, according to the present invention, thecard device is able to count and record the number of instances in whicha card device has either been swiped at a magnetic card reader orcommunicated data via an embedded Integrated Circuit (IC) (i.e., a smartcard device) and, in specific embodiments of the invention,differentiate between authorized swipes/data communications andunauthorized data communications.

In specific embodiments of the invention, card devices equipped with anembedded IC device are able to detect instances in which data is readfrom the device (i.e., either instances in which the card is swiped orinstances in which the card comes in contact with an electromagneticfield or short-range wireless communication field so as to prompt awireless communication protocol. In other embodiments of the invention,the card device may be equipped with sensors that detect each instancethat the card device has been swiped, or is inserted into a smart cardreader.

In specific embodiments of the invention, the card device may beequipped with a display that is configured to display the count ofinstances in which the card device has either been swiped at a magneticcard reader or communicated data via the embedded IC. In otherinstances, the card device may implement short-range wirelesscommunication, such as Near Field Communication (NFC) or the like, tocommunicate the count to a mobile communication device application thatis configured to display the count to the user via the mobilecommunication device. In other embodiments of the invention, therecorded count may be read, in response to the card device beingpresented at an Automated Teller Machine (ATM) or other card readingkiosk and the count displayed at the ATM and/or kiosk.

In further embodiments of the invention the card device is configured todifferentiate between authorized/legitimate readings of data from thecard device and unauthorized readings of data from the card device. Inspecific embodiment of the invention, such differentiation isaccomplished by communicating from the authorized reading device aregistered identification (i.e., fingerprint) at the time of the readingof the data that is stored in unison with the count information (e.g.,time, location, and the like) associated with the reading of the data.In such embodiment, data being read by unregistered reading devices aredeemed to be unauthorized readings of the data.

In additional embodiments of the invention, in which a predeterminednumber of counts have been recorded and, in some embodiments, over apredetermined time period, an alert may be electronically communicatedto the user of the card device or the card device may be deactivated fora prescribed period of time or until further action is taken tore-activate the card device.

A device configured for detecting unauthorized communication of datafrom the device defines first embodiments of the invention. The deviceincludes a card-like body and at least one of (i) a magnetic stripe,disposed on a facing of the card-like body, configured to store firstdata or (ii) an integrated circuit, embedded within the card-like body,having corresponding memory configured to store second data. The carddevice is configured to count by recording each instance of reading thefirst data from the magnetic stripe or communicating the second datafrom the memory. The first data and the second data may, according tospecific embodiments of the device, be the same data or, in otherembodiments, the first and second data may be different data.

In specific embodiments of the device, at least one of the magneticstripe or the memory is configured to count by recording each instanceof reading the first data from the magnetic stripe.

In other specific embodiments of the device, the integrated circuit isconfigured to count by recording each instance of the device coming intocontact with an electromagnetic field and initiating a wirelesscommunication protocol to communicate the second data from the memory.

In still further embodiments of the device, the integrated circuit isconfigured to count by recording each instance of the device coming intocontact with a short-range wireless communication reader and initiatinga short range wireless communication protocol to communicate the seconddata from the memory.

In further embodiments the device includes at least one sensorconfigured to sense at least one of swiping the magnetic stripe in amagnetic swipe reader or inserting at least a portion of the device intoa reader terminal configured for reading the second data from thememory. In such embodiments of the invention, the sensor includes atleast one of an accelerometer, a gyroscope, a pressure sensor and alight sensor. In specific related embodiments the device includes aswipe detection routine stored in the memory and executable by theintegrated circuit. The routine is configured to detect that themagnetic stripe has been swiped by implementing one or more of (i) theaccelerometer to determine a requisite level of acceleration associatedwith swiping, (ii) the gyroscope to determine proper swipe orientationof the device based on location of the magnetic stripe on the device,(iii) the pressure sensor to determine a requisite pressure at themagnetic stripe associated with swiping the device thru a magneticstripe reader, and (iv) the light sensor to determine a requisite levelof light encountered by the device while being swiped thru a magneticstripe reader. In other specific embodiments the device includes aninsertion detection routine stored in the memory and executable by theintegrated circuit. The routine is configured to detect that the devicehas been inserted into a reader terminal by implementing one or more of(i) the gyroscope to determine proper insertion orientation of thedevice into the reader terminal based on location of the integratedcircuit, (ii) the pressure sensor to determine a requisite pressureapplied to the device while inserted into the reader terminal, and (iv)the light sensor to determine a requisite level of light encountered bythe device for a predetermined period of time while inserted into thereader terminal.

In still further specific embodiments the device includes a display,disposed on a facing of the card-like body, configured to display anumber of the instances of at least one of reading the first data fromthe magnetic stripe or communicating the second data from the memory.

Moreover, in additional specific embodiments the device includes atleast one short-range wireless communication mechanism. The short-rangewireless communication mechanism is configured to communicate, to amobile communication terminal, a number of the instances of at least oneof reading the first data from the magnetic stripe or communicating thesecond data from the memory. In related embodiments the device isconfigured to, upon being inserted into an Automated Teller Machine(ATM), be read, from the magnetic stripe or the memory, the number ofthe instances of at least one of reading the first data from themagnetic stripe or communicating the second data from the memory,wherein the number is displayed at the ATM.

In still further embodiments the device includes a clock mechanism thatis configured to record a time, at which, each instance of reading thefirst data from the magnetic stripe or communicating the second datafrom the memory occurred.

Moreover, in additional specific embodiment the device is furtherconfigured to differentiate between authorized and unauthorizedinstances of the reading the first data from the magnetic stripe or thecommunicating the second data from the memory. In such embodiments ofthe device may be configured to record, in the magnetic stripe or in thememory, a registered identifier (i.e., fingerprint), such that, theregistered identifier is communicated to the device from an authorizedreader device in response to (i) reading the first data from themagnetic stripe at the authorized reader device or (ii) communicatingthe second data from the memory to the authorized reader device.

In still further specific embodiments of the device, the device isfurther configured, in response to determining that a threshold counthas been met or exceeded within a predetermined period of time, initiatecommunication of an electronic alert to a user of the device. In otherrelated embodiments of the device, the device is configured, in responseto determining that a threshold count has been met or exceeded within apredetermined period of time, deactivate the device from conductingpayment transactions.

A system for detecting unauthorized communication of data from a devicedefines second embodiments of the invention. The system includes adevice having a card-like body and at least one of (i) a magneticstripe, disposed on a facing of the card-like body, configured to storefirst data or (ii) an integrated circuit, embedded within the card-likebody, having corresponding memory configured to store second data. Thedevice is configured to count and record each instance of reading thefirst data from the magnetic stripe or communicating the second datafrom the memory. The system further includes a mobile communicationterminal having a memory and at least one processor in communicationwith the memory. The mobile communication terminal includes a countdisplay and control module that is stored in the memory and executableby the processor. The module is configured to receive, via short-rangewireless communication, the number of instance of reading the first datafrom the magnetic stripe or communicating the second data from thememory and display the number on the mobile communication terminal.

In specific embodiments of the system, the count display and controlmodule is further configured to reset counting at the device bycommunicating, via short-range wireless communication, a reset signal tothe device. In other related embodiments of the system, the countdisplay and control module is further configured to receive and display,on the mobile communication terminal, an alert that indicates that thedevice has met or exceeded, over a predetermined period of time, apredetermined number of instances of at least one of reading the firstdata from the magnetic stripe or communicating the second data from thememory.

A computer program product for detecting unauthorized communication ofdata from a card-like device including at least one of (i) a magneticstripe, disposed on a facing of a body of the card-like device,configured to store first data or (ii) an integrated circuit, embeddedwithin the card-like body, having corresponding memory configured tostore second data defines third embodiments of the invention. Thecomputer program product includes a non-transitory computer-readablestorage medium having computer-executable instructions for counting andrecording each instance of reading the first data from the magneticstripe or communicating the second data from the memory.

In specific embodiments of the computer program product, theinstructions further include instructions for differentiating betweenauthorized and unauthorized instances of the reading the first data fromthe magnetic stripe or the communicating the second data from thememory.

Thus, devices, systems, and computer program products herein describedin detail below provide for counting and recording, within a carddevice, of the number of instances in which the card device has eitherhad data read from the magnetic stripe or data communicating from memoryassociated with a smart chip/embedded integrated circuit. In specificembodiments, the count information is subsequently communicated to theuser of the card device so that the user is made aware of how many timesa card was swiped or otherwise had data communicated therefrom. Infurther embodiments of the invention, differentiation is made betweenunauthorized card readings and unauthorized card readings and suchinformation is communicated to the user, along with the countinformation, so that the user is made aware of which data readings wereunauthorized readings of the data.

The features, functions, and advantages that have been discussed may beachieved independently in various embodiments of the present inventionor may be combined with yet other embodiments, further details of whichcan be seen with reference to the following description and drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

Having thus described embodiments of the invention in general terms,reference will now be made the accompanying drawings, wherein:

FIGS. 1A-1C provide a schematic diagrams of exemplary devices configuredfor detecting unauthorized communication of data from the device, inaccordance with embodiments of the present invention;

FIG. 2 provides a block diagram of an device configured for detectingunauthorized communication of data from the device, in accordance withembodiments of the present invention; and

FIG. 3 provides a schematic diagram of a system configured for detectingand reporting unauthorized communication of data from the device, inaccordance with embodiments of the present invention.

DETAILED DESCRIPTION OF EMBODIMENTS OF THE INVENTION

Embodiments of the present invention will now be described more fullyhereinafter with reference to the accompanying drawings, in which some,but not all, embodiments of the invention are shown. Indeed, theinvention may be embodied in many different forms and should not beconstrued as limited to the embodiments set forth herein; rather, theseembodiments are provided so that this disclosure will satisfy applicablelegal requirements. Like numbers refer to like elements throughout.

As will be appreciated by one of skill in the art in view of thisdisclosure, the present invention may be embodied as an apparatus (e.g.,a system, computer program product, and/or other device), a method, or acombination of the foregoing. Accordingly, embodiments of the presentinvention may take the form of an entirely hardware embodiment, anentirely software embodiment (including firmware, resident software,micro-code, etc.), or an embodiment combining software and hardwareaspects that may generally be referred to herein as a “system.”Furthermore, embodiments of the present invention may take the form of acomputer program product comprising a computer-usable storage mediumhaving computer-usable program code/computer-readable instructionsembodied in the medium.

Any suitable computer-usable or computer-readable medium may beutilized. The computer usable or computer-readable medium may be, forexample but not limited to, an electronic, magnetic, optical,electromagnetic, infrared, or semiconductor system, apparatus, ordevice. More specific examples (e.g., a non-exhaustive list) of thecomputer-readable medium would include the following: an electricalconnection having one or more wires; a tangible medium such as aportable computer diskette, a hard disk, a time-dependent access memory(RAM), a read-only memory (ROM), an erasable programmable read-onlymemory (EPROM or Flash memory), a compact disc read-only memory(CD-ROM), or other tangible optical or magnetic storage device.

Computer program code/computer-readable instructions for carrying outoperations of embodiments of the present invention may be written in anobject oriented, scripted or unscripted programming language such asJAVA, PERL, SMALLTALK, C++ or the like. However, the computer programcode/computer-readable instructions for carrying out operations of theinvention may also be written in conventional procedural programminglanguages, such as the “C” programming language or similar programminglanguages.

Embodiments of the present invention are described below with referenceto flowchart illustrations and/or block diagrams of methods orapparatuses (the term “apparatus” including systems and computer programproducts). It will be understood that each block of the flowchartillustrations and/or block diagrams, and combinations of blocks in theflowchart illustrations and/or block diagrams, can be implemented bycomputer program instructions. These computer program instructions maybe provided to a processor of a general purpose computer, specialpurpose computer, or other programmable data processing apparatus toproduce a particular machine, such that the instructions, which executeby the processor of the computer or other programmable data processingapparatus, create mechanisms for implementing the functions/actsspecified in the flowchart and/or block diagram block or blocks.

These computer program instructions may also be stored in acomputer-readable memory that can direct a computer or otherprogrammable data processing apparatus to function in a particularmanner, such that the instructions stored in the computer-readablememory produce an article of manufacture including instructions, whichimplement the function/act specified in the flowchart and/or blockdiagram block or blocks.

The computer program instructions may also be loaded onto a computer orother programmable data processing apparatus to cause a series ofoperational steps to be performed on the computer or other programmableapparatus to produce a computer implemented process such that theinstructions, which execute on the computer or other programmableapparatus, provide steps for implementing the functions/acts specifiedin the flowchart and/or block diagram block or blocks. Alternatively,computer program implemented steps or acts may be combined with operatoror human implemented steps or acts in order to carry out an embodimentof the invention.

According to embodiments of the invention described herein, variousdevice, systems, apparatus, methods, and computer program products areherein described for determining unauthorized communication of data froma card device. In this regard, according to the present invention, thecard device is able to count and record the number of instances in whichthe card device has either been swiped at a magnetic card reader orcommunicated data via an embedded Integrated Circuit (IC) (i.e., a smartcard device). In specific embodiments of the invention, the device isfurther configured to differentiate between authorized swipes/datacommunications and unauthorized data communications.

In specific embodiments of the invention, card devices equipped with anembedded IC device are able to detect instances in which data is readfrom the device (i.e., either instances in which the card is swiped orinstances in which the card comes in contact with an electromagneticfield or other short-range wireless communication field so as to prompta wireless communication protocol to transmit data. In other embodimentsof the invention, the card device may be equipped with sensors thatdetect each instance that the card device has been swiped, or isinserted into a smart card reader.

In specific embodiments of the invention, the card device may beequipped with a display that is configured to display the number ofinstances in which the card device has either been swiped at a magneticcard reader or communicated data via the embedded IC. In otherinstances, the card device may implement short-range wirelesscommunication, such as NFC or the like to communicate the number to amobile communication device application that is configured to displaythe number to the user via the mobile communication device. In otherembodiments of the invention, the recorded number of instances may beread, in response to the card device being presented at an AutomatedTeller Machine (ATM) and the number displayed at the ATM.

In further embodiments of the invention the card device is configured todifferentiate between authorized/legitimate readings of data from thecard device and unauthorized readings of data from the card device. Inspecific embodiment of the invention, such differentiation isaccomplished by communicating from the authorized reading device aregistered identification (i.e., fingerprint) at the time of the readingof the data that is stored in unison with the count information (e.g.,time, location, and the like) associated with the reading of the data.In such embodiment, data being read by unregistered reading devices aredeemed to be unauthorized readings of the data.

In additional embodiments of the invention, in which a predeterminednumber of counts have been recorded and, in some embodiments, over apredetermined time period, an alert may be electronically communicatedto the user of the card device or the card device may be deactivated fora prescribed period of time or until further action is taken tore-activate the card device.

Thus, the present invention serves to improve a card device by addingsecurity features that enable a user to have knowledge of each instancein which the card is read by a magnetic stripe reader or communicatesdata from memory associated with a smart chip (i.e., embedded IC).Additionally, the card device is improved by rendering security featuresthat provide for informing the user of the card device as to which ofthe instances are authorized and which are unauthorized. Moreover, thecard device is improved by adding security features that alert the userand/or de-active the card device based on occurrence, over apredetermined time period, of a predetermined number of instances inwhich the card is read by a magnetic stripe reader or communicates datafrom memory associated with a smart chip (i.e., embedded IC).

Referring to FIGS. 1A-AC, devices 100A-C are depicted that areconfigured for detecting unauthorized communication of data from thedevice, in accordance with embodiments of the present invention. Thedevices 100 comprise a card-like body 110, FIGS. 1A-1C show one facing,either the front facing or the back facing of the card-like body 110.FIG. 1A depicts device 100A having a magnetic stripe 120 disposedlengthwise across a facing of the card-like body 110. The magneticstripe is configured to store data, herein referred to as first data,which can be read by a magnetic stripe reader device (commonly referredto as swiping the device 100A).

FIG. 1B depicts device 100B having an integrated circuit (IC) (e.g.,microprocessor, also referred to as a smart chip) 130 embedded withinthe card-like body 110. In those embodiments in which the card-like body110 is constructed of transparent materials, the IC 130 may be visibleto the user, while in other embodiments in which the card-like body isnot constructed of transparent materials, the IC may not be visible tothe user. The IC 130 is associated with a corresponding memory, whichstore data, herein referred to as second data, which can beread/communicated to a smart card reader device or the like. The smartcard reader, otherwise referred to as a dip reader, provides forinserting the device 100 into the reader at which point the device comesin contact with an electromagnetic field to power the card and ashort-range wireless protocol, such as Radio Frequency Identification(RFID) or the like is initiated to transfer the second data from thedevice to the reader. In specific embodiments of the invention, thememory may be incorporated within the IC 130 or, in other embodiments ofthe invention, the memory may be a stand-alone component that is incommunication with the IC 130 or the memory may be cloud-based memoryaccessible to the IC 130. According to embodiments of the presentinvention, the first data stored in the magnetic stripe 120 and thesecond data stored in the memory associated with IC 130 may be the samedata or different data.

FIG. 1C depicts device 100C having both a magnetic stripe 120 and anintegrated circuit 130. As previously discussed the magnetic stripe 120is disposed lengthwise across a facing of the card-like body 110. Themagnetic stripe is configured to store data, herein referred to as firstdata. The integrated circuit (e.g., microprocessor, also referred to asa smart chip) 130 is embedded within the card-like body 110. The IC 130is associated with a corresponding memory, which store data, hereinreferred to as second data. First and second data may the same data ordifferent data. Devices 100C having both a magnetic stripe 120 and anembedded IC 130 allow for data to read/communicated from the device byboth a magnetic stripe reader device and/or a smart card reader device.In addition, device 100C includes a short-range wireless communicationmechanism 140, such as NFC or the like, embedded within the card-likebody 110, which provides for the second data, stored in the memoryassociated with the IC 130, to be read/communicated to a contactlessshort range wireless reader device.

In accordance with embodiments of the invention, the card device 100A-Cis configured to count by recording each instance that the first data isread from the magnetic stripe 120 and/or the second data is communicatedfrom the memory associated with the IC. In specific embodiments of theinvention, the magnetic stripe 120 is configured with read/writecapabilities, such that magnetic stripe records each instance in whichthe first data is read from the magnetic stripe (i.e., each instance ofthe card being swiped at a magnetic swipe reader). In other embodimentsof the invention, in which the device 100 includes both a magneticstripe 120 and IC 130, the memory associated with the IC 130 may be infurther communication with the magnetic stripe 120, such that the memoryrecords each instance in which the first data is read from the magneticstripe.

In other specific embodiments of the invention, in which the card deviceincludes an IC 130, the IC 130 is configured to count by recording, inthe memory associated with the IC 130, each instance that the devicecomes into contact with an electromagnetic field (for the purpose ofpowering up the IC 130) and, subsequently, initiates a wirelesscommunication protocol (such as, RFID or the like) to communicate datafrom the memory associated with the IC 130. In other specificembodiments of the invention, in which the card device includes an IC130, the IC 130 is configured to count by recording, in the memoryassociated with the IC 130, each instance that the device comes intocontact with a short-range wireless reader (e.g., each time theshort-range wireless mechanism 140 in the device 100 ispowered-up/awoken) and, subsequently, initiates a short range wirelessprotocol (NFC, Bluetooth® or the like) to communicate data from thememory associated with the IC 130

Referring to FIG. 3, a block diagram is present of a device 100configured for detecting unauthorized communication of data from thedevice, in accordance with embodiments of the present invention. Inaddition to providing greater detail, FIG. 3 highlights variousalternate embodiments of the invention. The device 100 may include anydevice having a card-like body 110 and at least one of (i) a magneticstripe 120 disposed on a facing of the card-like body 110 that isconfigured to store first data (not shown in FIG. 3) and/or (ii) anintegrated circuit 130, otherwise referred to as a microprocessor orsmart chip, embedded in the card-like body 110 that is associated with acorresponding memory (not shown in FIG. 3) configured to store seconddata (not shown in FIG. 3). As previously noted, the memory may beincluded within the IC 130 or accessible to the IC 130. In addition thefirst and second data may be the same data or different data. Inaccordance with embodiments of the invention, the card device isconfigured to count by recording each instance of (i) reading the firstdata from the magnetic stripe and/or (ii) communicating the second datafrom the memory associated with/corresponding to the IC 130.

In specific embodiments of the invention, the magnetic stripe 120 isconfigured to count 150, by recording, in the magnetic stripe 120 or inthe memory associated with the IC 130, each instance of reading thefirst data from the magnetic stripe (e.g., each time the card 100 isswiped in a magnetic stripe reading device).

In other embodiments of the invention, the IC 130 is configured to count160, by recording, in the memory associated with the IC 130, eachinstance in which the device 100 comes in contact with anelectromagnetic field (i.e., each time the IC is powered-up) andinitiates a wireless communication protocol, such as RFID or the like,to communicate the second data from the memory associated with the IC130. In other embodiments of the invention, the IC 130 is configured tocount 170, by recording, in the memory associated with the IC 130, eachinstance in which the device 100 comes in contact with short-rangewireless communication field, such as Near Field Communication (NFC) orthe like, and initiates a short-range wireless communication protocol,such as NFC or the like, to communicate the second data from the memoryassociated with the IC 130.

In specific embodiments of the invention, device is further configuredto differentiate 180 between authorized and unauthorized instances inwhich the (i) first data is read from the magnetic stripe 120, and/or(ii) the second data is communicated from the memory associated with theIC 130. In specific embodiments of the invention, differentiationbetween authorized and unauthorized instances is accomplished byrecording, in the magnetic stripe 120 and/or the memory associated withthe IC 130, a registered identifier 192, otherwise referred to as an“authenticating fingerprint”, which is communicated to the device by anauthorized reader device 190 (e.g., authorized magnetic stripe reader,smart card reader or short-range wireless reader) in response to (i)reading the first data from the magnetic stripe at an authorized readerdevice 190 and/or (ii) communicating the second data from the memory tothe authorized reader device 190. In this regard, unauthorized readerdevices (e.g., skimmer devices or the like) will not have the capabilityto communicate a registered identifier 192 and, thus, any instance ofrecording a reading/communication of first or send data which does notinclude a corresponding registered identifier 192 would be deemed to bean unauthorized reading or communication of the data.

In specific embodiments of the invention, the device 100 includes one ormore sensors 200 that are configured to detect instances of when thedevice has (i) first data read from the magnetic stripe 120, and/or (ii)second data communicated from the memory associated with the IC 130. Inspecific embodiments of the invention, the sensors may include anaccelerometer 210, a gyroscope 220, a pressure sensor 230 and a lightsensor 240.

In specific embodiments of the invention, one or more sensors 200 areconfigured to detect the swiping of the device 100 and, specifically theswiping of the magnetic stripe 120, in a magnetic stripe reader. In suchembodiments of the invention, the device may implement a swipe detectionroutine (not shown in FIG. 3) that is configured to detect that that themagnetic stripe 120 has been swiped by implementing one or more of (i)the accelerometer 210 to determine a requisite level of accelerationassociated with the swiping motion, (ii) the gyroscope 220 to determineproper swipe orientation of the device 100 based on the location of themagnetic stripe 120 on the facing of the device 100, (iii) the pressuresensor 230 to determine a requisite level of pressure at the magneticstripe 120 that is associated with the magnetic stripe contacting themagnetic stripe reader device, and (iv) a light sensor 240 to determinea requisite level of light (in other words, darkness) encountered by thedevice while being swiped thru a magnetic stripe reader device. Inspecific embodiments of the invention, the swipe detection routineimplements more than one and, in some embodiments all of theaforementioned sensors 200, to determine/detect that the magnetic stripe120 of the device 100 has been swiped thru a magnetic stripe readerdevice. Data analytics may be implemented to take into the readings oftwo or more of the sensors 200 to determine if a swipe of the magneticstripe 120 has occurred.

In other embodiments of the invention, the device may implement aninsertion detection routine (not shown in FIG. 3) that is configured todetect that that the device 100 has been inserted into a reader terminal(e.g., a smart device reader terminal or dip reader terminal) byimplementing one or more of (i) the gyroscope to determine properinsertion orientation of the device 100 required by the reader terminal,(ii) the pressure sensor to determine a requisite level of pressureapplied to the device while inserted into the reader terminal, and (iv)a light sensor to determine a requisite level of light (in other words,darkness) encountered by the device while inserted in the readerterminal. Since smart card reader devices typically require a prolongedinsertion period, the requisite level of pressure and/or the requisitelevel of light may be required to occur over a predetermined period oftime (i.e., the typically time in which the device is inserted into thereader terminal). In specific embodiments of the invention, theinsertion detection routine implements more than one and, in someembodiments all of the aforementioned sensors 200, to determine/detectthat the device 100 has been inserted into a reader terminal. In furtherembodiments of the invention, data analytics may be implemented to takeinto the readings of two or more of the sensors 200 to determine if aninsertion has occurred.

In other embodiments of the invention, the device 100 has various meansavailable for providing the number of instances in which the device 100has been read and/or communicated the first and/or second data. Incertain embodiments, the device includes a display 300 on a facing ofthe card-like body 110 that is configured to display the number 310 ofinstances in which the device 100 has been read and/or communicated thefirst and/or second data (i.e., the number of times the card 100 hasbeen swiped, inserted in a card reader device and/or communicated datavia short-range wireless protocol). In such embodiments, the countershown in the display may be re-set (i.e., changed to a zero count)remotely, such as via a reset signal communicated via shortrange-wireless communication for a mobile terminal device (e.g., auser's smart telephone device or the like). In other embodiments of theinvention, the device may include a short-range wireless communicationmechanism, such as an NFC mechanism or the like that is configured tocommunicate the number 310 of instances in which the device 100 has beenread and/or communicated the first and/or second data to a deviceequipped with a corresponding short-range wireless communicationreceiver, such as mobile communication terminal, which, in turn, isconfigured to display the number 310 of the device, e.g., display thenumber 310 on the user's mobile communication device.

In other embodiments of the invention, the device 100 is configured to,in response to inserting 500 the card 100 at an Automated teller Device(ATM) or some other kiosk device, display the number 310 of instances inwhich the device 100 has been read and/or communicated the first and/orsecond data at the ATM or kiosk. In such embodiments the insertion 500of the card 100 in the ATM or kiosk, results in the ATM or kiosk readingthe number 310 from the magnetic stripe 120 or the memory associatedwith the IC. Once the number 310 has been read from the device 100, theATM or kiosk can display the number and any other relevant informationto the user.

In further embodiments of the invention, the device 100 may include aclock mechanism 600, which is configured to record the time 610 at whichthe data was read and/at communicated. The time(s) 610 may becommunicated to the user along with number 310 via the display 300, themobile communication device and/or ATM/kiosk so that a user can deducewhether the readings/communications were authorized or unauthorizedreadings/communications.

In still further embodiments of the invention, the IC 130 of the card100 is configured to initiate execution an alert routine 700 that isconfigured communicate an alert to the user in the event that apredetermined number 710 of instances of reading/communicating the datahas occurred. In specific embodiments, the alert is initiated if thepredetermined number (i.e., threshold count/number) 710 of instances ofreading/communicating the data has occurred over a predetermined periodof time (e.g., within an hour, a day or the like). The alert routine 700may be stored and executed at the device 100, in which case the alertmay be communicated to the user's mobile communication device, via shortrange wireless communication, such as NFC or the like. In otherembodiments of the invention, the device may be configured to send analert signal to a network-based alert routine 700 that subsequentlygenerates and initiates wireless or cellular network communication ofthe alert to the user's mobile communication device.

In other specific embodiments of the invention, the IC 130 of the card100 is configured to initiate execution a de-activation routine 800 thatis configured de-activate the device 100 in the event that apredetermined number 810 of instances of reading/communicating the datahas occurred. In specific embodiments, deactivation is initiated if thepredetermined number (i.e., threshold count/number) 810 of instances ofreading/communicating the data has occurred over a predetermined periodof time (e.g., within an hour, a day or the like). The de-activationroutine 800 may be stored and executed at the device 100 or, in otherembodiments of the invention, the device may be configured to send apredetermined count signal to a network-based deactivation routine 800that subsequently sends a network communication to the device 100 thatdeactivates the device 100.

Referring to FIG. 3 a system 900 is depicted for detecting and reportingunauthorized communication of data from a device, in accordance withembodiments of the present invention. The system includes a device 100having a card-like body 110 and at least one of (i) a magnetic stripe120, disposed on a facing of the card-like body 110, that is configuredto store first data, and/or (ii) an integrated circuit (IC) 130,embedded within the card-like body 110 that is configured to storesecond data in memory associated with the IC 130. The device 100 isconfigured to count by recording each instance of (i) reading the firstdata from the magnetic stripe and/or (ii) communicating the second datafrom the memory associated with the IC 130. In optional embodiments, thedevice 100 may additionally include a short-range wireless communicationmechanism 140 configured for communicating first and second data to acorresponding short-range wireless communication reader device and/orcommunicating (i) number 310 of instances of having first data readand/or second data communicated, and/or (ii) alert 710 that isconfigured to alert the user that a threshold number of instances ofhaving first data read and/or second data communicated has occurred.

System 900 additionally includes mobile communication terminal 1000 thatincludes a memory 1010 and at least processor 1020 in communication withthe memory 1010. Mobile communication terminal 1000 is in wirelesscommunication 1100 with device 100 via a short-range wirelesscommunication 1100 means, such as NFC, Bluetooth® or the like.Additionally, the memory 1010 of mobile communication terminal 1000stores count display and control module 1020 that is configured toreceive, via the short-range wireless communication 1110 means, such asNFC, Bluetooth® or the like the number 310 of instances of (i) readingthe first data from the magnetic stripe and/or (ii) communicating thesecond data from the memory associated with the IC 130. In response toreceiving the number 310, the count display and control module 1020 isconfigured to display the number 310 on the display 1030 of the mobilecommunication terminal 1000. In addition to displaying the number 310,the count display and control module 1020 may provide for displayingother information such as the number of authorized and/or unauthorizedinstances of (i) reading the first data from the magnetic stripe and/or(ii) communicating the second data from the memory and/or the time atwhich the instances occurred.

In further embodiments of system, the display and control module 1020 isfurther configured to receive a user input that is configured togenerate and communicate, via the short-range wireless communication1100 means, a reset signal 1040 to the device 100 that serves to resetthe counter (e.g., set the counter to zero). In such embodiments of thesystem, in response to communicating the reset signal 1040, the display1030 on the mobile communication device 1000 is changed to indicate azero number of instances of (i) reading the first data from the magneticstripe and/or (ii) communicating the second data from the memory.

In additional embodiments of the system, the display and control module1020 is further configured to receive, via the short-range wirelesscommunication 1100 means and/or the cellular or data network (e.g.,Internet), an alert 730 that indicates that the device 100 has met orexceeded a predetermined number of instances of (i) reading the firstdata from the magnetic stripe and/or (ii) communicating the second datafrom the memory. In specific embodiments of the system, the alert isissued in response to a predetermined number of instances occurring overa predetermined period of time (e.g., within an hour, a day or thelike). In such embodiments, in response to receiving the alert 730, thedisplay 1030 on the mobile communication device 1000 is configured todisplay the alert 730 to the user.

Thus, devices, systems, and computer program products herein describedin detail below provide for a counting and recording, within a carddevice, of the number of instances in which the card device has eitherhad data read from the magnetic stripe or data communicating from memoryassociated with a smart chip/embedded integrated circuit. In specificembodiments, the count information is subsequently communicated to theuser of the card device so that the user is made aware of how many timesa card was swiped or otherwise had data communicated therefrom. Infurther embodiments of the invention, differentiation is made betweenunauthorized card readings and unauthorized card readings and suchinformation is communicated to the user, along with the countinformation, so that the user is made aware of which data readings wereunauthorized readings of the data. While certain exemplary embodimentshave been described and shown in the accompanying drawings, it is to beunderstood that such embodiments are merely illustrative of and notrestrictive on the broad invention, and that this invention not belimited to the specific constructions and arrangements shown anddescribed, since various other changes, combinations, omissions,modifications and substitutions, in addition to those set forth in theabove paragraphs, are possible.

Those skilled in the art may appreciate that various adaptations andmodifications of the just described embodiments can be configuredwithout departing from the scope and spirit of the invention. Therefore,it is to be understood that, within the scope of the appended claims,the invention may be practiced other than as specifically describedherein.

1. A device configured for detecting unauthorized communication of datafrom the device, the device comprising: a card-like body; at least oneof a magnetic stripe, disposed on a facing of the card-like body,configured to store first data or an integrated circuit, embedded withinthe card-like body, having corresponding memory configured to storesecond data, wherein the card device is configured to count by recordingeach instance of reading the first data from the magnetic stripe orcommunicating the second data from the memory.
 2. The device of claim 1,wherein at least one of the magnetic stripe is configured to count byrecording each instance of reading the first data from the magneticstripe.
 3. The device of claim 1, wherein the integrated circuit isconfigured to count by recording each instance of the device coming intocontact with an electromagnetic field and initiating a wirelesscommunication protocol to communicate the second data from the memory.4. The device of claim 1, wherein the integrated circuit is configuredto count by recording each instance of the device coming into contactwith a short-range wireless communication reader and initiating ashort-range wireless communication protocol to communicate the seconddata from the memory.
 5. The device of claim 1, wherein the devicefurther comprises at least one sensor configured to sense at least oneof swiping the magnetic stripe in a magnetic swipe reader or insertingat least a portion of the device into a reader terminal configured forreading the second data from the memory.
 6. The device of claim 5,wherein the sensor comprises at least one of an accelerometer, agyroscope, a pressure sensor and a light sensor.
 7. The device of claim6, further comprising a swipe detection routine stored in the memory,executable by the integrated circuit and configured to detect that themagnetic stripe has been swiped by implementing one or more of (i) theaccelerometer to determine a requisite level of acceleration associatedwith swiping, (ii) the gyroscope to determine proper swipe orientationof the device based on location of the magnetic stripe on the device,(iii) the pressure sensor to determine a requisite pressure at themagnetic stripe associated with swiping the device thru a magneticstripe reader, and (iv) the light sensor to determine a requisite levelof light encountered by the device while being swiped thru a magneticstripe reader.
 8. The device of claim 6, further comprising an insertiondetection routine stored in the memory, executable by the integratedcircuit and configured to detect that the device has been inserted intoa reader terminal by implementing one or more of (i) the gyroscope todetermine proper insertion orientation of the device into the readerterminal based on location of the integrated circuit, (ii) the pressuresensor to determine a requisite pressure applied to the device whileinserted into the reader terminal, and (iv) the light sensor todetermine a requisite level of light encountered by the device for apredetermined period of time while inserted into the reader terminal. 9.The device of claim 1, further comprising a display, disposed on afacing of the card-like body, configured to display a number of theinstances of at least one of reading the first data from the magneticstripe or communicating the second data from the memory.
 10. The deviceof claim 1, further comprising at least one short-range wirelesscommunication mechanism, wherein the short-range wireless communicationmechanism is configured to communicate, to a mobile communicationterminal, a number of the instances of at least one of reading the firstdata from the magnetic stripe or communicating the second data from thememory.
 11. The device of claim 1, wherein the device is configured to,upon being inserted into an Automated Teller Machine (ATM), be read,from the magnetic stripe or the memory, a number of the instances of atleast one of reading the first data from the magnetic stripe orcommunicating the second data from the memory and, wherein the number isdisplayed at the ATM.
 12. The device of claim 1, further comprising aclock mechanism, wherein the clock mechanism is configured to record atime, at which, each instance of reading the first data from themagnetic stripe or communicating the second data from the memoryoccurred.
 13. The device of claim 1, wherein the device is furtherconfigured to differentiate between authorized and unauthorizedinstances of the reading the first data from the magnetic stripe or thecommunicating the second data from the memory.
 14. The device of claim13, wherein the device is configured to record, in the magnetic stripeor in the memory, a registered identifier, wherein the registeredidentifier is communicated to the device from an authorized readerdevice in response to (i) reading the first data from the magneticstripe at the authorized reader device or (ii) communicating the seconddata from the memory to the authorized reader device.
 15. The device ofclaim 1, wherein the device is further configured, in response todetermining that a threshold count has been met or exceeded within apredetermined period of time, initiate communication of an electronicalert to a user of the device.
 16. The device of claim 1, wherein thedevice is further configured, in response to determining that athreshold count has been met or exceeded within a predetermined periodof time, deactivate the device from conducting payment transactions. 17.A system for detecting unauthorized communication of data from a device,the system comprising: a device having a card-like body and at least oneof (i) a magnetic stripe, disposed on a facing of the card-like body,configured to store first data or (ii) an integrated circuit, embeddedwithin the card-like body, having corresponding memory configured tostore second data, wherein the device is configured to count byrecording each instance of reading the first data from the magneticstripe or communicating the second data from the memory; and a mobilecommunication terminal having a memory, at least one processor incommunication with the memory and a count display and control module,stored in the memory, executable by the processor and configured toreceive, via short-range wireless communication, the number of instancesof reading the first data from the magnetic stripe or communicating thesecond data from the memory and display the number on the mobilecommunication terminal.
 18. The system of claim 17, wherein the countdisplay and control module is further configured to reset counting atthe device by communicating, via short-range wireless communication, areset signal to the device.
 19. The system of claim 17, wherein thecount display and control module is further configured to receive anddisplay, on the mobile communication terminal, an alert that indicatesthat the device has met or exceeded, over a predetermined period oftime, a predetermined number of instances of at least one of reading thefirst data from the magnetic stripe or communicating the second datafrom the memory.
 20. A computer program product for detectingunauthorized communication of data from a card-like device including atleast one of (i) a magnetic stripe, disposed on a facing of a body ofthe card-like device, configured to store first data or (ii) anintegrated circuit, embedded within the card-like body, havingcorresponding memory configured to store second data, the computerprogram product comprising a non-transitory computer-readable storagemedium having computer-executable instructions for: counting byrecording each instance of reading the first data from the magneticstripe or communicating the second data from the memory.
 21. Thecomputer program product of claim 19, wherein the instructions furtherinclude instructions for differentiating between authorized andunauthorized instances of the reading the first data from the magneticstripe or the communicating the second data from the memory.